Introductions

I kind of had security dropped in my lap one day about 6 years ago. I signed up to be a developer for an Identity Management system, and a couple months later had Application Security responsibilities handed to me. After three years as the technical lead, I moved up to manager of the team. After a couple years of manager (I started writing applications for the iPhone to satisfy my need to write code), it was time to move on from consulting with teams on how to secure their applications to getting my hands dirty and doing it myself. So I moved into an Enterprise Architecture team and took over responsibilities for the Security API and an Enterprise Application Authorization system. And that is where I am at the moment; helping teams properly implement authorization in their applications. More to come on that at some point...